Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/YY3HoNYc3FVHJpSQa4j3kjDzZwc.roa
File: YY3HoNYc3FVHJpSQa4j3kjDzZwc.roa (raw, json)
Hash identifier: aZvCCdnd4LR71zFoDvyzvosw60tUtwGQxLVhnHslg9Q=
Subject key identifier: 61:8D:C7:A0:D6:1C:DC:55:47:26:94:90:6B:88:F7:92:30:F3:67:07
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 019267093214808205A631DCA8304102D917
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/YY3HoNYc3FVHJpSQa4j3kjDzZwc.roa
Signing time: Mon 07 Oct 2024 12:51:48 +0000
ROA not before: Mon 07 Oct 2024 12:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 79.137.194.0/23 maxlen: 23
79.137.196.0/22 maxlen: 22
79.137.202.0/23 maxlen: 23
79.137.204.0/23 maxlen: 23
79.137.206.0/24 maxlen: 24
79.137.207.0/24 maxlen: 24
79.137.248.0/24 maxlen: 24
85.192.24.0/24 maxlen: 24
85.192.25.0/24 maxlen: 24
85.192.26.0/24 maxlen: 24
85.192.27.0/24 maxlen: 24
85.192.40.0/23 maxlen: 23
85.192.42.0/24 maxlen: 24
85.192.56.0/24 maxlen: 24
85.192.60.0/24 maxlen: 24
85.192.61.0/24 maxlen: 24
85.192.63.0/24 maxlen: 24
89.208.96.0/24 maxlen: 24
89.208.97.0/24 maxlen: 24
89.208.103.0/24 maxlen: 24
89.208.104.0/22 maxlen: 22
185.125.100.0/24 maxlen: 24
185.125.101.0/24 maxlen: 24
185.125.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 14:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:67:09:32:14:80:82:05:a6:31:dc:a8:30:41:02:d9:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Oct 7 12:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=618dc7a0d61cdc55472694906b88f79230f36707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:07:8b:49:21:e0:db:22:28:b0:a0:69:f3:
8a:1d:66:59:32:7e:b3:98:16:62:fb:71:74:ce:4c:
c1:49:4d:98:2d:a5:8d:38:ec:ee:66:9c:47:c4:be:
3f:1b:5d:bf:09:f3:61:2b:ce:40:e0:6f:5e:b7:ac:
96:6f:f9:e2:10:f8:55:19:f6:43:cc:25:8f:74:f6:
8a:b4:39:27:c0:00:be:67:31:de:30:55:ec:83:bc:
e0:6a:a8:f1:11:8b:4c:65:28:67:86:39:1e:58:72:
c0:73:76:e8:65:37:29:56:f6:29:4c:ae:01:77:cd:
2e:ea:f2:5e:0b:73:47:64:c8:2d:39:cd:e7:93:de:
bd:f3:93:c0:f0:ba:b8:64:52:bb:2f:0a:cc:31:ab:
09:f7:51:c0:d7:cc:53:f5:97:5d:aa:52:d3:28:03:
a1:8f:23:6f:1c:88:b6:a0:31:3c:af:7c:e3:c9:4c:
ab:fc:29:cc:c1:a4:f0:a4:2b:ec:01:0f:ac:c1:21:
1a:48:f0:88:82:4e:0a:1f:f9:d4:72:4f:8e:ed:cf:
42:70:45:cd:8a:d3:62:b1:a9:da:79:82:b3:4e:81:
2d:24:38:d1:79:4c:34:53:d4:45:ce:7c:2c:1c:a8:
bb:d2:5c:49:3e:48:0c:cf:dd:0f:bd:9f:49:87:60:
0a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8D:C7:A0:D6:1C:DC:55:47:26:94:90:6B:88:F7:92:30:F3:67:07
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/YY3HoNYc3FVHJpSQa4j3kjDzZwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.194.0-79.137.199.255
79.137.202.0-79.137.207.255
79.137.248.0/24
85.192.24.0/22
85.192.40.0-85.192.42.255
85.192.56.0/24
85.192.60.0/23
85.192.63.0/24
89.208.96.0/23
89.208.103.0-89.208.107.255
185.125.100.0-185.125.102.255
Signature Algorithm: sha256WithRSAEncryption
ca:6a:3a:1e:f3:fc:d0:12:bc:3d:06:fd:a7:9d:89:85:0a:db:
08:74:d1:23:49:5f:ab:e3:a9:d4:37:bf:ca:04:6e:16:9f:5d:
b2:cf:0c:4a:73:fe:f4:a8:1a:11:ba:94:e3:5e:4b:52:ce:be:
74:3f:e9:6e:cd:8c:b7:81:c7:bc:1a:3e:59:5f:6e:1b:1c:96:
00:18:d3:7e:cb:13:e0:10:9b:13:a9:b1:98:11:89:e2:c9:82:
20:89:c8:b1:7d:c2:66:11:80:b7:63:f3:52:ad:f4:29:ff:00:
7f:89:31:55:c5:21:4b:1c:d8:30:74:f0:75:28:9a:12:4f:c3:
2b:ca:55:cf:2b:4b:01:56:6b:b8:57:f5:91:0b:f7:14:51:8d:
2a:91:a5:df:b6:b0:f0:12:ee:17:4c:d6:a1:35:4c:4d:63:81:
fc:8c:f3:31:a8:eb:b3:25:44:b2:ac:30:8e:c1:69:9b:c5:50:
62:94:8b:78:4f:54:b7:69:77:b3:f9:af:a4:21:03:7a:7f:a9:
f5:48:90:3e:5a:50:e2:e6:1a:ba:15:d0:a2:81:25:f7:d8:b2:
bd:b3:57:ed:af:0c:db:92:5a:31:2b:5c:ef:3e:26:84:13:d4:
92:81:5e:c7:38:a3:e9:75:bb:b8:b5:f3:e9:a9:d1:90:b7:b1:
65:d0:3a:d3
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZJnCTIUgIIFpjHcqDBBAtkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjQxMDA3MTI1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MThkYzdhMGQ2MWNkYzU1NDcyNjk0OTA2Yjg4Zjc5MjMwZjM2NzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9UHi0kh4NsiKLCgafOKHWZZMn6z
mBZi+3F0zkzBSU2YLaWNOOzuZpxHxL4/G12/CfNhK85A4G9et6yWb/niEPhVGfZD
zCWPdPaKtDknwAC+ZzHeMFXsg7zgaqjxEYtMZShnhjkeWHLAc3boZTcpVvYpTK4B
d80u6vJeC3NHZMgtOc3nk96985PA8Lq4ZFK7LwrMMasJ91HA18xT9ZddqlLTKAOh
jyNvHIi2oDE8r3zjyUyr/CnMwaTwpCvsAQ+swSEaSPCIgk4KH/nUck+O7c9CcEXN
itNisanaeYKzToEtJDjReUw0U9RFznwsHKi70lxJPkgMz90PvZ9Jh2AKlwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFGGNx6DWHNxVRyaUkGuI95Iw82cHMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvWVkzSG9OWWMzRlZISnBTUWE0ajNrakR6WndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQBT4nC
AwQDT4nAMAwDBAFPicoDBARPicADBABPifgDBAJVwBgwDAMEA1XAKAMEAFXAKgME
AFXAOAMEAVXAPAMEAFXAPwMEAVnQYDAMAwQAWdBnAwQCWdBoMAwDBAK5fWQDBAC5
fWYwDQYJKoZIhvcNAQELBQADggEBAMpqOh7z/NASvD0G/aediYUK2wh00SNJX6vj
qdQ3v8oEbhafXbLPDEpz/vSoGhG6lONeS1LOvnQ/6W7NjLeBx7waPllfbhsclgAY
037LE+AQmxOpsZgRieLJgiCJyLF9wmYRgLdj81Kt9Cn/AH+JMVXFIUsc2DB08HUo
mhJPwyvKVc8rSwFWa7hX9ZEL9xRRjSqRpd+2sPAS7hdM1qE1TE1jgfyM8zGo67Ml
RLKsMI7BaZvFUGKUi3hPVLdpd7P5r6QhA3p/qfVIkD5aUOLmGroV0KKBJffYsr2z
V+2vDNuSWjErXO8+JoQT1JKBXsc4o+l1u7i18+mp0ZC3sWXQOtM=
-----END CERTIFICATE-----
Generated at Wed Oct 23 19:04:57 2024 by rpki-client on console-ams.rpki-client.org